<?php
include_once("config.php");
if (isset($_SESSION['adminName'])){
	$isAdmin=true;
}else{
	$isAdmin=false;
}
if (isset($_POST['useremail']) && isset($_POST['restuarantaddress']) && isset($_POST['ordernumber']) && isset($_POST['arrivaltime'])){
	$isInputValid=true;
}else{
	$isInputValid=false;
}
if ($isInputValid){
	$useremail=mysql_real_escape_string(stripcslashes($_POST['useremail']));
	$restuarantaddress=mysql_real_escape_string(stripcslashes($_POST['restuarantaddress']));
	$arrivaltime=mysql_real_escape_string(stripcslashes($_POST['arrivaltime']));
	$ordernumber=mysql_real_escape_string(stripcslashes($_POST['ordernumber']));
  date("Y-m-d H:i:s", $arrivaltime);

  if (!empty($restuarantaddress) && !empty($ordernumber) && !empty($useremail) && !empty($arrivaltime)){
	  $queryStr="INSERT INTO orders VALUES('$useremail','$ordernumber','$arrivaltime','$restuarantaddress')";
	  echo "res_address:  ".$restuarantaddress;
	  mysql_query($queryStr) or die("Error: ".mysql_error()."<br/>go back <a href='vieworder.php'>here</a>");
	  $isSuccessful=true;
  }else{
  	$isSuccessful=false;
  }
}else{
	$isSuccessful=false;
}
if ($isAdmin && $isSuccessful){
  header("location: vieworder.php");
}else if(!$isAdmin){
  header("location: adminIndex.php");
}else if(!$isInputValid){
	echo "Input is not valid!<br/> go back <a href='vieworder.php'>here</a>";
}else{
	echo "Input format does not fulfill requirements. <br/> go back <a href='vieworder.php'>here</a>";
}
?>
